Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-01-2014 01
Ran by Tomek at 2014-01-29 14:15:49 Run:1
Running from C:\Documents and Settings\Tomek\Pulpit\Naprawa
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
() C:\Documents and Settings\All Users\Dane aplikacji\BetterSoft\OptimizerPro\OptimizerPro.exe
() C:\Program Files\Browsers Protector\regmon32.exe
HKLM\...\Run: [Browsers Protector] - C:\Program Files\Browsers Protector\regmon32.exe [147784 2012-02-15] ()
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [747712 2013-11-22] ()
HKCU\...\Run: [NextLive] - C:\Documents and Settings\Tomek\Dane aplikacji\newnext.me\nengine.dll [1283584 2013-11-14] (NewNextDotMe)
Task: C:\WINDOWS\Tasks\schedule!567381930.job => C:\Documents and Settings\All Users\Dane aplikacji\BetterSoft\OptimizerPro\OptimizerPro.exe
AppInit_DLLs: c:\docume~1\alluse~1\daneap~1\smartweb\smartweb.dll => C:\Documents and Settings\All Users\Dane aplikacji\SmartWeb\SmartWeb.dll [4238336 2013-12-28] ()
R2 47ead2b2; C:\Documents and Settings\All Users\Dane aplikacji\SmartWeb\SmartWebSvc.dll [175440 2013-12-28] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=68E10025D308E3F7&affID=125032&tsp=5029
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=0b00a5b0-c91a-11e1-ad22-0025d308e3f7
SearchScopes: HKLM - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://startsear.ch/?aff=1&src=sp&cf=0b00a5b0-c91a-11e1-ad22-0025d308e3f7&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: Fun2Savee - {9E435106-CC7D-23BB-5880-31DDEF313F1A} - C:\Documents and Settings\All Users\Dane aplikacji\Fun2Savee\umG.dll ()
BHO: SHoppDropp - {F45D0066-911A-ECAE-9417-2DDF69F92D01} - C:\Documents and Settings\All Users\Dane aplikacji\SHoppDropp\9EcyBkRQW.dll ()
Toolbar: HKCU - No Name - {37B85A29-692B-4205-9CAD-2626E4993404} - No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll (StartSearch )
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: QuickStores-Toolbar - C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2013-12-11]
FF Extension: z - C:\Program Files\Mozilla Firefox\extensions\{b8665832-4e96-1eef-77d6-41bba3c0f95a} [2013-12-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1
C:\Documents and Settings\All Users\Dane aplikacji\Babylon
C:\Documents and Settings\All Users\Dane aplikacji\Browse22save
C:\Documents and Settings\All Users\Dane aplikacji\cA13602MpFkD13602
C:\Documents and Settings\All Users\Dane aplikacji\dd0bcbaaf174bd54
C:\Documents and Settings\All Users\Dane aplikacji\olndoboejijnenklhgdfjlkoonohhngl
C:\Documents and Settings\All Users\Dane aplikacji\SoftSafe
C:\Documents and Settings\All Users\Dane aplikacji\TEMP
C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software
C:\Documents and Settings\Tomek\.android
C:\Documents and Settings\Tomek\daemonprocess.txt
C:\Documents and Settings\Tomek\Dane aplikacji\AVG2012
C:\Documents and Settings\Tomek\Dane aplikacji\Hiyzuh
C:\Documents and Settings\Tomek\Dane aplikacji\newnext.me
C:\Documents and Settings\Tomek\Dane aplikacji\Sewymy
C:\Documents and Settings\Tomek\Dane aplikacji\TuneUp Software
C:\Documents and Settings\Tomek\Dane aplikacji\Xi
C:\Documents and Settings\Tomek\Dane aplikacji\Yveso
C:\Documents and Settings\Tomek\Menu Start\Programy\FoxTab PDF Creator
C:\Documents and Settings\Tomek\Moje dokumenty\Mobogenie
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\cache
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\genienext
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Google
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Mobogenie
C:\Program Files\Enigma Software Group
C:\Program Files\Mobogenie
C:\Program Files\MyPC Backup
C:\Program Files\TuneUp Utilities 2013
C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP
C:\WINDOWS\system32\Drivers\ocuprmeb.sys
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /f
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks" /v {A3BC75A2-1F87-4686-AA43-5347D756017C} /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /f
Reg: reg delete HKCU\Software\Google /f
Reg: reg delete HKLM\SOFTWARE\Google /f
*****************

[764] C:\Documents and Settings\All Users\Dane aplikacji\BetterSoft\OptimizerPro\OptimizerPro.exe => Process closed successfully.
[1744] C:\Program Files\Browsers Protector\regmon32.exe => Process closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Browsers Protector => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully.
C:\WINDOWS\Tasks\schedule!567381930.job => Moved successfully.
"c:\\docume~1\\alluse~1\\daneap~1\\smartweb\\smartweb.dll" => Value Data removed successfully.
47ead2b2 => Service deleted successfully.
esgiguard => Service deleted successfully.
VMnetAdapter => Service deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E435106-CC7D-23BB-5880-31DDEF313F1A} => Key deleted successfully.
HKCR\CLSID\{9E435106-CC7D-23BB-5880-31DDEF313F1A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F45D0066-911A-ECAE-9417-2DDF69F92D01} => Key deleted successfully.
HKCR\CLSID\{F45D0066-911A-ECAE-9417-2DDF69F92D01} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{37B85A29-692B-4205-9CAD-2626E4993404} => Value deleted successfully.
HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => Value deleted successfully.
HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{b8665832-4e96-1eef-77d6-41bba3c0f95a} => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1 => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Babylon => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Browse22save => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\cA13602MpFkD13602 => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\dd0bcbaaf174bd54 => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\olndoboejijnenklhgdfjlkoonohhngl => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\SoftSafe => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\TEMP => Moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software => Moved successfully.
C:\Documents and Settings\Tomek\.android => Moved successfully.
C:\Documents and Settings\Tomek\daemonprocess.txt => Moved successfully.
C:\Documents and Settings\Tomek\Dane aplikacji\AVG2012 => Moved successfully.
C:\Documents and Settings\Tomek\Dane aplikacji\Hiyzuh => Moved successfully.
C:\Documents and Settings\Tomek\Dane aplikacji\newnext.me => Moved successfully.
C:\Documents and Settings\Tomek\Dane aplikacji\Sewymy => Moved successfully.
C:\Documents and Settings\Tomek\Dane aplikacji\TuneUp Software => Moved successfully.
C:\Documents and Settings\Tomek\Dane aplikacji\Xi => Moved successfully.
C:\Documents and Settings\Tomek\Dane aplikacji\Yveso => Moved successfully.
C:\Documents and Settings\Tomek\Menu Start\Programy\FoxTab PDF Creator => Moved successfully.
"C:\Documents and Settings\Tomek\Moje dokumenty\Mobogenie" => File/Directory not found.
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\cache => Moved successfully.
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\genienext => Moved successfully.
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Google => Moved successfully.
C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Mobogenie => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Program Files\Mobogenie => Moved successfully.
C:\Program Files\MyPC Backup => Moved successfully.
C:\Program Files\TuneUp Utilities 2013 => Moved successfully.
C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP => Moved successfully.
C:\WINDOWS\system32\Drivers\ocuprmeb.sys => Moved successfully.

========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks" /v {A3BC75A2-1F87-4686-AA43-5347D756017C} /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========


========= reg delete HKCU\Software\Google /f =========


Błąd: system nie może odnaleźć określonego klucza rejestru lub wartości.


========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Google /f =========


Operacja ukończona pomyślnie


========= End of Reg: =========



The system needs a manual reboot. 

==== End of Fixlog ====